Rely on the most comprehensive, up-to-date legal content designed and curated by lawyers for lawyers
Work faster and smarter to improve your drafting productivity without increasing risk
Accelerate the creation and use of high quality and trusted legal documents and forms
Streamline how you manage your legal business with proven tools and processes
Manage risk and compliance in your organisation to reduce your risk profile
Stay up to date and informed with insights from our trusted experts, news and information sources
Access the best content in the industry, effortlessly — confident that your news is trustworthy and up to date.
With over 30 practice areas, we have all bases covered. Find out how we can help
Our trusted tax intelligence solutions, highly-regarded exam training and education materials help guide and tutor Tax professionals
Regulatory, business information and analytics solutions that help professionals make better decisions
A leading provider of software platforms for professional services firms
In-depth analysis, commentary and practical information to help you protect your business
LexisNexis Blogs shed light on topics affecting the legal profession and the issues you're facing
Legal professionals trust us to help navigate change. Find out how we help ensure they exceed expectations
Lex Chat is a LexisNexis current affairs podcast sharing insights on topics for the legal profession
Printer Friendly Version
Those who hold business sensitive data should take their cybersecurity seriously. New data protection requirements from 25 May 2018 when GDPR comes into force will compel an increased compliance; as all law firms hold significant amounts of personal data,
robust plans to protect client data and by extension the firm’s reputation, should be in place, no matter the size of the firm.
Cybersecurity is an issue which is not going away. In 2015, 62 per cent of law firms reported a cyber-attack in 2015. By 2017, the figure had increased to the majority of law firms having reported suffering a security incident in the past 12 months, with the report going on to note that 12% of firms claim to be recipients of such attacks on a daily basis with a further 30% identifying attacks on either a weekly or monthly basis.
In an ideal world, all law firms need some form of internal technology expertise, “to plan, guide, structure and deploy the relevant technology in a proactive, rather than reactive way” says Neil Prevett, Technology Director at regional mid-size
firm Gardner Leader. Neil joined in 2010 as IT Director, the sole internal IT resource, and has now built out internal expertise to a team of four.
“The need to focus on Cybersecurity is as important as the need to focus on their accounts system. It forms part of the big picture when it comes to providing excellent service and peace of mind to our clients. The risk of cybersecurity cannot be
ignored and will not go away, so law firms need to take action to ensure they protect themselves and their clients as much as possible”, Neil told us.
“Criminals & fraudsters’ methods are getting more sophisticated and complex and so are the solutions to combat them. It is critical that we try to stay a number of steps ahead – not only to protect us, but also our clients’
Cybersecurity is just one of a number of new threats/concerns to a law firm, as well as the complex issue of moving technology forward in a firm to the benefit of staff and clients alike. Neil’s belief in robust systems and plans comes from the
fundamental relationship between law firms and their clients: “We believe clients ‘assume’ that law firms will do all they can to protect their data and we take the responsibility of this ‘assumption’ very seriously.”
“The commercial advantage is probably the avoidance of bad publicity due to a breach”, Neil Prevett told us. “Like most technology projects, most work is done behind the scenes and is unseen by staff and clients. Our main role is to
ensure a solid, reliable and secure system that is fit for purpose and delivers what is required.”
A data breach can take many forms but whatever the outcome even the fact that one has occured can be enough to create bad publicity and for the firm to have to publicly acknowledge the situation.
In June 2017, a global cyber-attack against DLA Piper caused both operational upset and forced the firm to issue a statement acknowledging that there was “no evidence that client data was taken or that there was a breach of confidentiality of that
data. To our knowledge no interest of any client has been prejudiced as a result of this incident.”
In December 2017, London law firm Anthony Gold suffered a cyber attack in which 16,000 email contacts were sent when
the firm was hacked. Emails were sent under the subject line ‘Action Required – Matter for Attention’ and asking recipients to open an ‘urgent’ attachment. The firm released a statement apologising for the inconvenience
to clients and warning them not to open the attachment but the longer lasting issue to the firm is that articles still linger recording the breach.
“My ‘tip’ for any law firm that wants to move their IT systems forward is to ensure that they have a technology leader in the organisation that has law firm experience and knows how to manage and deliver such critical services.”
Neil was clear that internal resource and budget was crucial: “We have specialist managers in the areas of IT, HR, Marketing, Finance and so on, rather than these functions being an additional burden to the solicitors or Partners. Outsourcing can
often ‘appear’ to be good value on paper, but unless you have people that can really understand and react quickly to the lawyer’s needs, the benefit is lost. There is no way we could provide the speed, accuracy, efficiency and response
to queries raised if we outsourced.”
For futher insights into the state of tech investment and challenges, read our latest report: Is your Tech Smart?. For more guidance
and support on compliance, find out out LexisPSL Practice Compliance here.
Neil Prevett is Technology Director at Gardner Leader LLP. His experience includes 4 years with a major legal software supplier, and 8 years with a top 150 law firm before joining Gardner Leader in 2010. He was awarded Regional IT Director of the Year at the Legal Technology Awards in 2009.
0330 161 1234